chpark
035eb0259f
Build & Deploy / build-and-deploy (push) Failing after 1m56s
- Dockerfile: Expo web export → nginx multi-stage 빌드 - nginx.conf: SPA fallback, gzip, health endpoint - K8s manifests: namespace, deployment (2 replicas), service, ingress - Traefik IngressRoute (선택적) 포함 - Gitea Actions workflow: push 시 빌드→Gitea Registry push→rollout restart - DEPLOY.md: 초기 설정 가이드 (kubeconfig, secrets, DNS) Domain: insurance.junggomoa.com Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
86 lines
2.7 KiB
YAML
86 lines
2.7 KiB
YAML
name: Build & Deploy
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
- main
|
|
workflow_dispatch:
|
|
|
|
env:
|
|
REGISTRY: git.junggomoa.com
|
|
IMAGE_NAME: chpark/insurance
|
|
|
|
jobs:
|
|
build-and-deploy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set short SHA
|
|
run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Log in to Gitea Container Registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ env.REGISTRY }}
|
|
username: ${{ secrets.REGISTRY_USER }}
|
|
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
|
|
- name: Build and push image
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
push: true
|
|
tags: |
|
|
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
|
|
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.SHORT_SHA }}
|
|
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache
|
|
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache,mode=max
|
|
|
|
- name: Set up kubectl
|
|
uses: azure/setup-kubectl@v4
|
|
with:
|
|
version: "v1.29.0"
|
|
|
|
- name: Configure kubeconfig
|
|
run: |
|
|
mkdir -p $HOME/.kube
|
|
echo "${{ secrets.KUBE_CONFIG }}" | base64 -d > $HOME/.kube/config
|
|
chmod 600 $HOME/.kube/config
|
|
|
|
- name: Ensure namespace & registry secret
|
|
run: |
|
|
kubectl apply -f deploy/k8s/namespace.yaml
|
|
kubectl -n insurance create secret docker-registry gitea-registry \
|
|
--docker-server=${{ env.REGISTRY }} \
|
|
--docker-username=${{ secrets.REGISTRY_USER }} \
|
|
--docker-password=${{ secrets.REGISTRY_TOKEN }} \
|
|
--dry-run=client -o yaml | kubectl apply -f -
|
|
|
|
- name: Apply manifests
|
|
run: |
|
|
kubectl apply -f deploy/k8s/deployment.yaml
|
|
kubectl apply -f deploy/k8s/service.yaml
|
|
if [ "${{ secrets.INGRESS_MODE }}" = "ingressroute" ]; then
|
|
kubectl apply -f deploy/k8s/ingressroute-traefik.yaml
|
|
else
|
|
kubectl apply -f deploy/k8s/ingress.yaml
|
|
fi
|
|
|
|
- name: Update deployment image & restart
|
|
run: |
|
|
kubectl -n insurance set image deployment/insurance-web \
|
|
web=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.SHORT_SHA }}
|
|
kubectl -n insurance rollout status deployment/insurance-web --timeout=180s
|
|
|
|
- name: Show deployment info
|
|
run: |
|
|
kubectl -n insurance get deployment,svc,ingress
|
|
echo ""
|
|
echo "🚀 Deployed: https://insurance.junggomoa.com"
|